Malware
88 articles
Secret Blizzard
BOTNET
Secret Blizzard Upgrades Kazuar Backdoor Into P2P Botnet
May 16 · HIGH
Gremlin Stealer
STEALER
Gremlin Stealer Evolves: Crypto Clipping, Session Hijacking, Packed
May 15 · HIGH
TrickMo
TROJAN
TrickMo Android Trojan Uses TON Blockchain for C2, SOCKS5 Pivots
May 12 · HIGH
macOS
MALWARE
Google Ads, Claude Chats Push MacSync Infostealer to macOS Users
May 10 · HIGH
Winos 4.0
MALWARE
Fake OpenAI Repo on Hugging Face Pushes Rust Infostealer
May 9 · HIGH
NWHStealer
MALWARE
NWHStealer Uses Bun JavaScript Runtime to Evade Detection
May 8 · HIGH
OceanLotus
MALWARE
OceanLotus APT Uses PyPI Packages to Deliver ZiChatBot Malware
May 8 · HIGH
darkworm
BACKDOOR
PamDOORa Backdoor Steals SSH Credentials via Linux PAM Modules
May 8 · HIGH
Quasar Linux RAT
RAT
Quasar Linux RAT Targets Developers for Supply Chain Attacks
May 8 · HIGH
TCLBANKER
TROJAN
TCLBANKER Trojan Targets 59 Banks, Spreads via WhatsApp and Outlook
May 8 · HIGH
PCPJack
WORM
PCPJack Worm Steals Cloud Credentials, Wipes TeamPCP Infections
May 7 · HIGH
ZiChatBot
MALWARE
ZiChatBot Malware Spreads via PyPI Packages Using Zulip C2
May 7 · HIGH
APT37
MALWARE
APT37 Targets Ethnic Koreans in China With Android BirdCall Malware
May 6 · HIGH
CloudZ
MALWARE
CloudZ RAT Hijacks Microsoft Phone Link to Steal SMS, OTPs
May 5 · HIGH
BufferZoneCorp
MALWARE
Poisoned Ruby Gems, Go Modules Hijack CI/CD Pipelines
May 2 · HIGH
Deep#Door
BACKDOOR
Deep#Door Python Backdoor Targets Windows Systems for Espionage
May 1 · HIGH
Mini Shai-Hulud
MALWARE
Mini Shai-Hulud Attack Hijacks SAP, Lightning, Intercom Packages
May 1 · CRITICAL
LummaC2
MALWARE
CISA, FBI Warn of LummaC2 Infostealer Targeting Orgs
Apr 30 · HIGH
DEEP#DOOR
BACKDOOR
DEEP#DOOR Python Backdoor Steals Browser, Cloud Credentials
Apr 30 · HIGH
PyPI
MALWARE
PyTorch Lightning Compromised in PyPI Supply Chain Attack
Apr 30 · CRITICAL
Silver Fox
BACKDOOR
Silver Fox Targets Russia, India With ABCDoor Backdoor
Apr 30 · HIGH
mini Shai-Hulud
MALWARE
SAP npm Packages Hijacked in Credential-Stealing Supply Chain Attack
Apr 29 · CRITICAL
LofyGang
STEALER
LofyGang Returns With Minecraft-Targeted LofyStealer Malware
Apr 28 · HIGH
VECT
RANSOMWARE
VECT 2.0 Ransomware Wiper Bug Destroys Files Over 131KB
Apr 28 · CRITICAL
VECT Ransomware
RANSOMWARE
VECT Ransomware Wiper Bug Destroys Data, Not Just Encrypts
Apr 28 · CRITICAL
GlassWorm
STEALER
73 Fake VS Code Extensions Deliver GlassWorm v2 Info-Stealer
Apr 27 · HIGH
Fast16
MALWARE
Fast16 Malware Resurfaces in Supply Chain Attacks Abusing Trusted
Apr 27 · HIGH
GlassWorm
MALWARE
GlassWorm Malware Returns via 73 OpenVSX Sleeper Extensions
Apr 27 · HIGH
Axios
RAT
Axios npm Supply Chain Attack Delivers Cross-Platform RAT
Apr 26 · CRITICAL
Brushworm
MALWARE
BRUSHWORM Backdoor and BRUSHLOGGER Keylogger Hit South Asian Bank
Apr 26 · HIGH
CrystalX
RAT
CrystalX RAT Combines Spyware, Stealer, and Prankware in MaaS Offering
Apr 26 · HIGH
Operation Triangulation
MALWARE
Kaspersky Details Coruna Exploit Kit Behind Operation Triangulation
Apr 26 · CRITICAL
VoidLink
ROOTKIT
VoidLink Rootkit Framework Combines LKM and eBPF for Linux Persistence
Apr 26 · HIGH
Fast16
MALWARE
Pre-Stuxnet Malware 'Fast16' Targeted Iranian Precision Software
Apr 24 · HIGH
Supply Chain Attack
MALWARE
Bitwarden CLI Compromised in Checkmarx Supply Chain Attack
Apr 23 · CRITICAL
CanisterSprawl
WORM
CanisterSprawl Worm Hijacks npm Packages, Steals Developer Tokens
Apr 23 · HIGH
Supply Chain
MALWARE
Checkmarx KICS Supply-Chain Breach Hits Docker, VS Code
Apr 23 · CRITICAL
Lotus Wiper
WIPER
Lotus Wiper Strikes Venezuelan Energy Sector in Destructive Campaign
Apr 23 · CRITICAL
Mirai
BOTNET
Mirai Botnet Exploits D-Link Router Flaw CVE-2025-29635
Apr 23 · HIGH
Lazarus Group
MALWARE
North Korean Hackers Steal $12 Million in Crypto via Trojanized
Apr 23 · HIGH
Trigona
RANSOMWARE
Trigona Ransomware Deploys Custom Exfil Tool for Faster Data Theft
Apr 23 · HIGH
Browser Hijacking
STEALER
Fake TradingView AI Agent Site Drops Browser-Hijacking Malware
Apr 22 · HIGH
Harvester
BACKDOOR
Harvester Deploys Linux GoGra Backdoor via Microsoft Graph API
Apr 22 · HIGH
Kyber
RANSOMWARE
Kyber Ransomware Deploys Post-Quantum Encryption in Attacks
Apr 22 · HIGH
Energy
WIPER
Lotus Wiper Targets Venezuelan Energy Sector Before US Intervention
Apr 22 · HIGH
The Gentlemen
RANSOMWARE
The Gentlemen Ransomware Deploys Dual Lockers for Windows, Linux, and VMware
Apr 22 · HIGH
Infostealer
MALWARE
Fake Google Antigravity Installer Steals Accounts via Trojanized AI Tool
Apr 21 · HIGH
Kyber
RANSOMWARE
Kyber Ransomware Deploys Dual Payloads for Windows and VMware ESXi
Apr 21 · HIGH
Apple App Store
MALWARE
Malicious Crypto Apps Hijack Recovery Phrases from Apple App Store
Apr 21 · HIGH
NGate
MALWARE
NGate Malware Trojanizes HandyPay App to Steal Brazilian NFC Data
Apr 21 · HIGH
NGate
MALWARE
NGate Malware Uses AI to Evade Detection in Trojanized NFC Apps
Apr 21 · HIGH
PureRAT
MALWARE
PureRAT Malware Evades Detection with PNG-Stashed Payloads
Apr 21 · HIGH
FakeWallet
MALWARE
FakeWallet Crypto Stealer Infects iOS Devices via Apple App Store
Apr 20 · HIGH
Gh0st RAT
RAT
Gh0st RAT and CloverPlus Adware Deployed in Dual-Payload Campaign
Apr 20 · HIGH
Infostealer
DROPPER
MiningDropper Framework Delivers Infostealers, RATs to Android Devices
Apr 20 · HIGH
The Gentlemen
RANSOMWARE
The Gentlemen Ransomware Deploys SystemBC Proxy for C2 Evasion
Apr 20 · HIGH
Chrome
MALWARE
108 Malicious Chrome Extensions Hijack Browsers, Steal Google and Telegram Data
Apr 19 · HIGH
Mirax
RAT
Mirax Android RAT Infects 220,000 Users via Meta Ads, Creates SOCKS5 Proxy
Apr 19 · HIGH
Omnistealer
MALWARE
Omnistealer Malware Harvests Passwords, Crypto Wallets via Blockchain C2
Apr 19 · HIGH
Lumma Stealer
STEALER
Lumma Stealer Campaign Deploys Sectop RAT via Malicious PDFs
Apr 18 · HIGH
Mirai
BOTNET
Mirai Variant Nexcorium Exploits DVR Flaw to Build DDoS Botnet
Apr 18 · MEDIUM
Initial Access
RAT
Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Attacks
Apr 18 · HIGH
Information Stealer
STEALER
Fake Proton VPN Sites and Gaming Mods Spread NWHStealer Malware
Apr 17 · HIGH
Payouts King
RANSOMWARE
Payouts King Ransomware Deploys QEMU VMs as Stealthy Reverse SSH Backdoors
Apr 17 · HIGH
Malware Delivery
MALWARE
Fake Adobe Reader Downloads Deploy ScreenConnect via In-Memory Loader
Apr 16 · HIGH
Turkey
RANSOMWARE
JanaWare Ransomware Campaign Targets Turkish Homes and SMBs for Six Years
Apr 16 · HIGH
Evasion
BOTNET
PowMix Botnet Targets Czech Workforce with Randomized C2 Traffic
Apr 16 · HIGH
Adware
MALWARE
Adware Campaign Hijacks DNS to Expose Thousands of OT and Government Endpoints
Apr 15 · HIGH
Espionage
MALWARE
AgingFly Malware Targets Ukrainian Government and Hospitals
Apr 15 · HIGH
WordPress
BACKDOOR
EssentialPlugin WordPress Suite Compromised to Deploy Backdoor on Thousands of
Apr 15 · HIGH
Mobile Threat
BOTNET
Mirax Android RAT Evolves with Proxy Network and Data Theft Capabilities
Apr 15 · HIGH
Adware
MALWARE
Signed Adware Tool Disables Antivirus with SYSTEM Privileges
Apr 15 · HIGH
macOS
MALWARE
Fake Ledger Live App on Apple App Store Steals $9.5M in Cryptocurrency
Apr 14 · HIGH
Janela RAT
RAT
Janela RAT Campaign Targets Latin American Finance with Fake MSI Installers
Apr 14 · HIGH
Chrome Extensions
MALWARE
Malicious Chrome Extensions Hijack OAuth Tokens, Deploy Backdoors
Apr 14 · HIGH
Proxy Botnet
RAT
Mirax Android RAT Steals Credentials, Enslaves Phones for Proxy Network
Apr 14 · HIGH
PlugX
WORM
PlugX USB Worm Evolves with DLL Sideloading for Cross-Continent Spread
Apr 14 · HIGH
macOS
MALWARE
ClickFix Mac Malware Campaign Uses Fake Apple Page to Deliver Payloads
Apr 13 · MEDIUM
Supply Chain
RAT
CPUID Software Downloads Compromised, Delivered STX RAT Malware
Apr 13 · HIGH
Russian-speaking threat actor
RAT
CPUID Website Compromised to Distribute Trojanized System Utilities
Apr 13 · HIGH
PlugX
RAT
Fake Claude AI Website Delivers PlugX RAT via DLL Sideloading
Apr 13 · HIGH
JanelaRAT
RAT
JanelaRAT Evolves with New Anti-Analysis and Data Theft Capabilities
Apr 13 · HIGH
JanelaRAT
RAT
JanelaRAT Malware Campaign Targets Latin American Financial Sector
Apr 13 · HIGH
Spear Phishing
MALWARE
LucidRook Malware Targets NGOs and Universities in Taiwan via Spear-Phishing
Apr 13 · HIGH
REF6598
RAT
Obsidian Plugin Ecosystem Abused to Deliver PhantomPulse RAT in Targeted Campaign
Apr 13 · HIGH
Python
BACKDOOR
VIPERTUNNEL Python Backdoor Evades Detection via Fake DLL and Obfuscated Loader
Apr 13 · HIGH
ClickFix
MALWARE
ClickFix Malware Campaign Evades macOS Defenses via Script Editor
Apr 12 · HIGH
PlugX
MALWARE
Fake Claude AI Site Delivers PlugX Malware in Trojanized Installer
Apr 12 · HIGH